That's a bug I'm currently fixing. It happens because arc uses the pattern of creating a temporary file and then moving it, instead of directly writing to an existing file. The only problem is that the /tmp directory on the rhcloud gears is not on the same file system. So it fails to move the file.

thx,bro,u really rock...so i rebuild a new site http://news-tvvocold.rhcloud.com and i can sign up and login in...but i can't submit still...why that? follew ur instructions i cant push (stuck at 5th step)so i use this

Since I copied it from RayRacine's rackos, it had accidentally said to add the remote as 'rackos', which makes the following lines incorrect. Maybe that wasn't your issue though. Any more details?

As for your repl test, you are directly calling '(nsv), which defaults to binding on port 8080 for all ips, which is against the OpenShift policy. What you want instead is:

(nsv '("127.8.109.xxx" 8080))

Where 127... is your OPENSHIFT_DIY_IP. You can see how it works if you look in main.arc. You may need to correct your current directory as well.

Another alternative would be to just load main.arc from the terminal, which would automatically start the server exactly as the post-deploy script does, but in a way that lets you see all of the errors:

(thread:load "../repo/main.arc")

Of course, you'll have to change the path depending on where you're running the arc interpreter from.

i got it done....and i check ur and my site find that both of us cant submit a simple url like(www.google.com but http://google.com works) with a title ,but only can submit a textwith a title...that's a new problem...if u could tell me what is the right step after the 8step as ur instructions as well.that will be great!---best wishes!

I tried on my site with the url "http://google.com, and that worked. However, doing just "google.com" does not, so it's apparently filtering for fully qualified urls.

As for your error message when run from the command line... I get the same "rm: cannot remove..." message, followed by "load items" and "ready to serve port..." all of which are correct. The only real error is after that part, but I'm not sure why you're getting it. That error looks like something that might happen on a timeout or broken connection with the client.

You should only have to restart it once. Calling 'load-userinfo from the repl is redundant, unless you want to check the value of the admins* table to see if it worked or not.

Which arc directory are you putting it in? There's the one that is the anarki installation under app-root/data, and the other which stores web app data in app-root/repo. You need to put the admins file in the app-root/repo/arc directory, or it won't be found by the app server.

That's probably not the right place to keep it, but I haven't bothered to redirect all of the arc server directories, so that's where it goes for now.

news.arc is one of the libraries that comes with arc, and is a branch of the source for Hacker News and the Arc Forum. It defines all of the functions related specifically to the news site, and is what allows you to run a clone of the forum. It's located in the lib folder of the anarki repo.

main.arc is the launch script I included in my arc-openshift repository. It just sets a few variables, and then launches the news server with the right parameters. It's located in the root directory of the arc-openshift repo.

Other files of interest are the arc libraries srv.arc and app.arc. srv.arc sets up a web server, and app.arc adds extra utilities for things like user management, etc.

Even without SQL, code injection is something to worry about. The Arc codebase is a breeding ground for exactly this kind of issue, since it rarely does string escaping. Let's see...

HTML injection (XSS attacks): This is the kind of injection news.arc primarily needs to worry about. Almost every string it passes around is used directly as an HTML code snippet. Fortunately, every user input is sanitized thanks to the form-generating utilities in app.arc.

Shell injection: Make sure that any directory paths passed to (ensure-dir ...) are already shell-escaped. (Arc also invokes the shell in a few other places, but those don't need any extra escaping.)

Arc injection: The prompt.arc webapp is explicitly designed to let admin users evaluate their own Arc code on the server. If an attacker gained access to this page, it would be worse than any other kind of code injection. Because of this, I don't recommend running prompt.arc on a production site. (If it can't be helped, I recommend at least using HTTPS so admin login credentials and commands can't be intercepted by a man-in-the-middle attack.)

Yeah, that's something I'm trying to think about with the current project that I'm working on. Part of why I brought up mongodb support. Maybe something like datomic would be better.

Starting with simple files is actually really convenient and takes very little effort. Only fixing things that need fixing is a good way to make progress quickly, but it is a little disconcerting not to have many options to switch to.

Maybe building a simple arc-based database would be a good idea, but that also distracts from solving the actual problems I'm working on. Which did not initially include making a new database, as much fun as that would be.

I was working on a simple git-based data storage system for arc as part of my 'metagame' project. Not exactly designed for multi-server use though.